View Javadoc
1   /*
2    * Cloudformation Plugin for SonarQube
3    * Copyright (C) 2019 James Pether Sörling
4    * james@hack23.com
5    *
6    * This program is free software; you can redistribute it and/or
7    * modify it under the terms of the GNU Lesser General Public
8    * License as published by the Free Software Foundation; either
9    * version 3 of the License, or (at your option) any later version.
10   *
11   * This program is distributed in the hope that it will be useful,
12   * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14   * Lesser General Public License for more details.
15   *
16   * You should have received a copy of the GNU Lesser General Public License
17   * along with this program; if not, write to the Free Software Foundation,
18   * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19   */
20  package com.hack23.sonar.cloudformation.reports.process;
21  
22  import java.io.IOException;
23  import java.nio.charset.StandardCharsets;
24  import java.nio.file.FileSystems;
25  import java.nio.file.Files;
26  import java.util.Optional;
27  
28  import org.junit.Assert;
29  import org.junit.Test;
30  import org.sonar.api.batch.fs.internal.DefaultFileSystem;
31  import org.sonar.api.batch.fs.internal.DefaultInputFile;
32  import org.sonar.api.batch.fs.internal.TestInputFileBuilder;
33  import org.sonar.api.batch.sensor.internal.SensorContextTester;
34  import org.sonar.api.scan.filesystem.PathResolver;
35  
36  /**
37   * The Class CfnNagProcessReportsTest.
38   */
39  public class CfnNagProcessReportsTest extends Assert {
40  
41  
42  	/**
43  	 * Execute simple nag report test.
44  	 *
45  	 * @throws IOException Signals that an I/O exception has occurred.
46  	 */
47  	@Test
48  	public void executeSimpleNagReportTest() throws IOException {
49  		final DefaultFileSystem fileSystem = new DefaultFileSystem(
50  				FileSystems.getDefault().getPath(".").toAbsolutePath());
51  
52  		final DefaultInputFile inputFile = new TestInputFileBuilder("key",
53  				"src/test/resources/aws-cross-account-manager-master.yml")
54  						.setLanguage("yaml")
55  						.initMetadata(new String(Files.readAllBytes(
56  								FileSystems.getDefault().getPath("src/test/resources/aws-cross-account-manager-master.yml"))))
57  						.setCharset(StandardCharsets.UTF_8).build();
58  		fileSystem.add(inputFile);
59  
60  		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
61  
62  		final SensorContextTester sensorContext = SensorContextTester
63  				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
64  		sensorContext.fileSystem().add(inputFile);
65  		cloudformationSensor.processCfnNagReport(sensorContext,Optional.of("src/test/resources/aws-cross-account-manager-master.yml.nag"));
66  		assertFalse(sensorContext.allIssues().isEmpty());
67  		assertEquals(44,sensorContext.allIssues().size());
68  
69  	}
70  
71  
72  	/**
73  	 * Execute simple nag report missing template test.
74  	 *
75  	 * @throws IOException Signals that an I/O exception has occurred.
76  	 */
77  	@Test
78  	public void executeSimpleNagReportMissingTemplateTest() throws IOException {
79  		final DefaultFileSystem fileSystem = new DefaultFileSystem(
80  				FileSystems.getDefault().getPath(".").toAbsolutePath());
81  
82  		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
83  
84  		final SensorContextTester sensorContext = SensorContextTester
85  				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
86  		cloudformationSensor.processCfnNagReport(sensorContext,Optional.of("src/test/resources/aws-cross-account-manager-master.yml.nag"));
87  		assertFalse(sensorContext.allIssues().isEmpty());
88  		assertEquals(13,sensorContext.allIssues().size());
89  	}
90  
91  	/**
92  	 * Execute simple nag scan report test.
93  	 *
94  	 * @throws IOException Signals that an I/O exception has occurred.
95  	 */
96  	@Test
97  	public void executeSimpleNagScanReportTest() throws IOException {
98  		final DefaultFileSystem fileSystem = new DefaultFileSystem(
99  				FileSystems.getDefault().getPath(".").toAbsolutePath());
100 
101 		final DefaultInputFile inputFile = new TestInputFileBuilder("key", "src/test/resources/CloudTrailAllAccounts.yml")
102 				.setLanguage("yaml")
103 				.initMetadata(new String(Files.readAllBytes(
104 						FileSystems.getDefault().getPath("src/test/resources/CloudTrailAllAccounts.yml"))))
105 				.setCharset(StandardCharsets.UTF_8).build();
106 		fileSystem.add(inputFile);
107 
108 		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
109 
110 		final SensorContextTester sensorContext = SensorContextTester
111 				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
112 		sensorContext.fileSystem().add(inputFile);
113 		cloudformationSensor.processCfnNagReport(sensorContext,Optional.of("src/test/resources/cfn-nag-scan.nagscan"));
114 		assertFalse(sensorContext.allIssues().isEmpty());
115 		assertEquals(6,sensorContext.allIssues().size());
116 	}
117 
118 	/**
119 	 * Execute simple nag scan report template missing test.
120 	 *
121 	 * @throws IOException Signals that an I/O exception has occurred.
122 	 */
123 	@Test
124 	public void executeSimpleNagScanReportTemplateMissingTest() throws IOException {
125 		final DefaultFileSystem fileSystem = new DefaultFileSystem(
126 				FileSystems.getDefault().getPath(".").toAbsolutePath());
127 
128 		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
129 
130 		final SensorContextTester sensorContext = SensorContextTester
131 				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
132 		cloudformationSensor.processCfnNagReport(sensorContext,Optional.of("src/test/resources/cfn-nag-scan.nagscan"));
133 		assertFalse(sensorContext.allIssues().isEmpty());
134 		assertEquals(6,sensorContext.allIssues().size());
135 	}
136 
137 	/**
138 	 * Execute nag scan report bad property test.
139 	 *
140 	 * @throws IOException Signals that an I/O exception has occurred.
141 	 */
142 	@Test
143 	public void executeNagScanReportBadPropertyTest() throws IOException {
144 		final DefaultFileSystem fileSystem = new DefaultFileSystem(
145 				FileSystems.getDefault().getPath(".").toAbsolutePath());
146 
147 		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
148 
149 		final SensorContextTester sensorContext = SensorContextTester
150 				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
151 		cloudformationSensor.processCfnNagReport(sensorContext,Optional.of("src/test/resources/file-not-exist.nagscan"));
152 		assertTrue(sensorContext.allIssues().isEmpty());
153 	}
154 
155 
156 
157 	/**
158 	 * Execute missing property test.
159 	 *
160 	 * @throws IOException Signals that an I/O exception has occurred.
161 	 */
162 	@Test
163 	public void executeMissingPropertyTest() throws IOException {
164 		final DefaultFileSystem fileSystem = new DefaultFileSystem(
165 				FileSystems.getDefault().getPath(".").toAbsolutePath());
166 
167 		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
168 
169 		final SensorContextTester sensorContext = SensorContextTester
170 				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
171 		cloudformationSensor.processCfnNagReport(sensorContext,Optional.empty());
172 		assertTrue(sensorContext.allIssues().isEmpty());
173 	}
174 
175 
176 	/**
177 	 * Execute mixed file report test.
178 	 *
179 	 * @throws IOException Signals that an I/O exception has occurred.
180 	 */
181 	@Test
182 	public void executeMixedFileReportTest() throws IOException {
183 		final DefaultFileSystem fileSystem = new DefaultFileSystem(
184 				FileSystems.getDefault().getPath(".").toAbsolutePath());
185 
186 		final DefaultInputFile inputFile = new TestInputFileBuilder("key", "src/test/resources/CloudTrailAllAccounts.yml")
187 				.setLanguage("yaml")
188 				.initMetadata(new String(Files.readAllBytes(
189 						FileSystems.getDefault().getPath("src/test/resources/CloudTrailAllAccounts.yml"))))
190 				.setCharset(StandardCharsets.UTF_8).build();
191 		fileSystem.add(inputFile);
192 
193 		final DefaultInputFile inputFile2 = new TestInputFileBuilder("key",
194 				"src/test/resources/aws-cross-account-manager-master.yml")
195 						.setLanguage("yaml")
196 						.initMetadata(new String(Files.readAllBytes(
197 								FileSystems.getDefault().getPath("src/test/resources/aws-cross-account-manager-master.yml"))))
198 						.setCharset(StandardCharsets.UTF_8).build();
199 		fileSystem.add(inputFile2);
200 
201 		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
202 
203 		final SensorContextTester sensorContext = SensorContextTester
204 				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
205 		sensorContext.fileSystem().add(inputFile);
206 		sensorContext.fileSystem().add(inputFile2);
207 		cloudformationSensor.processCfnNagReport(sensorContext,Optional.of("src/test/resources/aws-cross-account-manager-master.yml.nag,src/test/resources/cfn-nag-scan.nagscan"));
208 		assertFalse(sensorContext.allIssues().isEmpty());
209 		assertEquals(58,sensorContext.allIssues().size());
210 	}
211 
212 
213 	/**
214 	 * Execute file report with custom rules test.
215 	 *
216 	 * @throws IOException Signals that an I/O exception has occurred.
217 	 */
218 	@Test
219 	public void executeFileReportWithCustomRulesTest() throws IOException {
220 		final DefaultFileSystem fileSystem = new DefaultFileSystem(
221 				FileSystems.getDefault().getPath(".").toAbsolutePath());
222 
223 		final DefaultInputFile inputFile = new TestInputFileBuilder("key", "src/test/resources/CloudTrailAllAccounts.yml")
224 				.setLanguage("yaml")
225 				.initMetadata(new String(Files.readAllBytes(
226 						FileSystems.getDefault().getPath("src/test/resources/CloudTrailAllAccounts.yml"))))
227 				.setCharset(StandardCharsets.UTF_8).build();
228 		fileSystem.add(inputFile);
229 
230 		final DefaultInputFile inputFile2 = new TestInputFileBuilder("key",
231 				"src/test/resources/aws-cross-account-manager-master.yml")
232 						.setLanguage("yaml")
233 						.initMetadata(new String(Files.readAllBytes(
234 								FileSystems.getDefault().getPath("src/test/resources/aws-cross-account-manager-master.yml"))))
235 						.setCharset(StandardCharsets.UTF_8).build();
236 		fileSystem.add(inputFile2);
237 
238 		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
239 
240 		final SensorContextTester sensorContext = SensorContextTester
241 				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
242 		sensorContext.fileSystem().add(inputFile);
243 		sensorContext.fileSystem().add(inputFile2);
244 		cloudformationSensor.processCfnNagReport(sensorContext,Optional.of("src/test/resources/cfn-nag-scan-custom-rules.nagscan"));
245 		assertFalse(sensorContext.allIssues().isEmpty());
246 		assertEquals(14,sensorContext.allIssues().size());
247 	}
248 
249 	/**
250 	 * Execute file report with missing line numbers test.
251 	 *
252 	 * @throws IOException Signals that an I/O exception has occurred.
253 	 */
254 	@Test
255 	public void executeFileReportWithMissingLineNumbersTest() throws IOException {
256 		final DefaultFileSystem fileSystem = new DefaultFileSystem(
257 				FileSystems.getDefault().getPath(".").toAbsolutePath());
258 
259 		final DefaultInputFile inputFile = new TestInputFileBuilder("key", "src/test/resources/CloudTrailAllAccounts.yml")
260 				.setLanguage("yaml")
261 				.initMetadata(new String(Files.readAllBytes(
262 						FileSystems.getDefault().getPath("src/test/resources/CloudTrailAllAccounts.yml"))))
263 				.setCharset(StandardCharsets.UTF_8).build();
264 		fileSystem.add(inputFile);
265 
266 		final DefaultInputFile inputFile2 = new TestInputFileBuilder("key",
267 				"src/test/resources/aws-cross-account-manager-master.yml")
268 						.setLanguage("yaml")
269 						.initMetadata(new String(Files.readAllBytes(
270 								FileSystems.getDefault().getPath("src/test/resources/aws-cross-account-manager-master.yml"))))
271 						.setCharset(StandardCharsets.UTF_8).build();
272 		fileSystem.add(inputFile2);
273 
274 		final CfnNagProcessReports cloudformationSensor = new CfnNagProcessReports(fileSystem, new PathResolver());
275 
276 		final SensorContextTester sensorContext = SensorContextTester
277 				.create(FileSystems.getDefault().getPath(".").toAbsolutePath());
278 		sensorContext.fileSystem().add(inputFile);
279 		sensorContext.fileSystem().add(inputFile2);
280 		cloudformationSensor.processCfnNagReport(sensorContext,Optional.of("src/test/resources/cfn-nag-scan-missing-linenumbers.nagscan"));
281 		assertFalse(sensorContext.allIssues().isEmpty());
282 		assertEquals(8,sensorContext.allIssues().size());
283 	}
284 
285 }